opendev
/
gerrit
Code Issues Proposed changes

Merge branch 'stable-2.15' into stable-2.16 

* stable-2.15:
  ElasticContainer: Test with versions 5.6.13 and 6.4.3
  Upgrade elasticsearch-rest-client to 6.4.3
  Bazel: Consume versions directly from lib:versions.bzl in skylib
  AbstractChangeNotes: Never open repo when NoteDb is off
  dev-contributing: Specify buildifier version 0.17.2
  Remove unused dependency on httpcomponents:httpmime
  Fix Elasticsearch dependency on httpcore-nio
  Upgrade Jetty to 9.3.24.v20180605 to fix several CVEs
  [CVE-2018-1000180, CVE-2018-1000613] Upgrade Bouncycastle to 1.60
  Adapt PublicKeyStoreTest to work with BouncyCastle 1.60
  [CVE-2018-10237]: Upgrade guava to 24.1.1-jre
  Stop using CharMatcher.javaLetterOrDigit
  project/Index: Assign and ignore unused future
  [CVE-2017-12629] Upgrade Lucene to 5.5.5
  [CVE-2018-10936] Upgrade postgresql to 42.2.5
  [CVE-2015-1832] Upgrade Apache Derby to 10.12.1.1
  Set version to 2.14.17-SNAPSHOT

Change-Id: I9501df6224b9754bd489eb4f03c4741a09f9fd16
This commit is contained in:
David Pursehouse 2018-11-07 20:01:50 +09:00
parent 13b4120cc9 dd2182557b
commit 3725a7b9c2
4 changed files with 26 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Documentation/dev-contributing.txt
View File

@ -166,7 +166,7 @@ To format Java source code, Gerrit uses the
link:https://github.com/google/google-java-format[`google-java-format`]
tool (version 1.6), and to format Bazel BUILD, WORKSPACE and .bzl files the
link:https://github.com/bazelbuild/buildtools/tree/master/buildifier[`buildifier`]
tool (version 0.15.0).
tool (version 0.17.2).
These tools automatically apply format according to the style guides; this
streamlines code review by reducing the need for time-consuming, tedious,
and contentious discussions about trivial issues like whitespace.

44
WORKSPACE
View File

@ -30,7 +30,7 @@ http_file(
urls = ["https://raw.githubusercontent.com/google/closure-compiler/35d2b3340ff23a69441f10fa3bc820691c2942f2/contrib/externs/polymer-1.0.js"],
)
load("@bazel_skylib//:lib.bzl", "versions")
load("@bazel_skylib//lib:versions.bzl", "versions")
versions.check(minimum_bazel_version = "0.17.1")
@ -759,7 +759,7 @@ maven_jar(
sha1 = "bb562ee73f740bb6b2bf7955f97be6b870d9e9f0",
)
# When updading Bouncy Castle, also update it in bazlets.
# When updating Bouncy Castle, also update it in bazlets.
BC_VERS = "1.60"
maven_jar(
@ -833,10 +833,18 @@ maven_jar(
sha1 = "f5aa318bda4c6c8d688c9d00b90681dcd82ce636",
)
# elasticsearch-rest-client explicitly depends on this version
maven_jar(
name = "httpmime",
artifact = "org.apache.httpcomponents:httpmime:" + HTTPCOMP_VERS,
sha1 = "2f8757f5ac5e38f46c794e5229d1f3c522e9b1df",
name = "httpasyncclient",
artifact = "org.apache.httpcomponents:httpasyncclient:4.1.2",
sha1 = "95aa3e6fb520191a0970a73cf09f62948ee614be",
)
# elasticsearch-rest-client explicitly depends on this version
maven_jar(
name = "httpcore-nio",
artifact = "org.apache.httpcomponents:httpcore-nio:4.4.5",
sha1 = "f4be009e7505f6ceddf21e7960c759f413f15056",
)
# Test-only dependencies below.
@ -956,9 +964,9 @@ maven_jar(
maven_jar(
name = "derby",
artifact = "org.apache.derby:derby:10.11.1.1",
artifact = "org.apache.derby:derby:10.12.1.1",
attach_source = False,
sha1 = "df4b50061e8e4c348ce243b921f53ee63ba9bbe1",
sha1 = "75070c744a8e52a7d17b8b476468580309d5cd09",
)
JETTY_VERS = "9.4.12.v20180830"
@ -1038,8 +1046,8 @@ maven_jar(
maven_jar(
name = "postgresql",
artifact = "org.postgresql:postgresql:42.2.4",
sha1 = "dff98730c28a4b3a3263f0cf4abb9a3392f815a7",
artifact = "org.postgresql:postgresql:42.2.5",
sha1 = "951b7eda125f3137538a94e2cbdcf744088ad4c2",
)
maven_jar(
@ -1079,10 +1087,12 @@ maven_jar(
sha1 = "76716d529710fc03d1d429b43e3cedd4419f78d4",
)
# When upgrading elasticsearch-rest-client, also upgrade http-niocore
# and httpasyncclient as necessary.
maven_jar(
name = "elasticsearch-rest-client",
artifact = "org.elasticsearch.client:elasticsearch-rest-client:6.4.2",
sha1 = "a2baf2d4fdf03f31fbd39351a32bee25fcdfa1cf",
artifact = "org.elasticsearch.client:elasticsearch-rest-client:6.4.3",
sha1 = "5c24325430971ba2fa4769eb446f026b7680d5e7",
)
JACKSON_VERSION = "2.9.7"
@ -1093,18 +1103,6 @@ maven_jar(
sha1 = "4b7f0e0dc527fab032e9800ed231080fdc3ac015",
)
maven_jar(
name = "httpasyncclient",
artifact = "org.apache.httpcomponents:httpasyncclient:4.1.2",
sha1 = "95aa3e6fb520191a0970a73cf09f62948ee614be",
)
maven_jar(
name = "httpcore-nio",
artifact = "org.apache.httpcomponents:httpcore-nio:" + HTTPCOMP_VERS,
sha1 = "a8c5e3c3bfea5ce23fb647c335897e415eb442e3",
)
maven_jar(
name = "testcontainers",
artifact = "org.testcontainers:testcontainers:1.8.0",

4
javatests/com/google/gerrit/elasticsearch/ElasticContainer.java
View File

@ -45,13 +45,13 @@ public class ElasticContainer<SELF extends ElasticContainer<SELF>> extends Gener
case V2_4:
return "elasticsearch:2.4.6-alpine";
case V5_6:
return "docker.elastic.co/elasticsearch/elasticsearch:5.6.12";
return "docker.elastic.co/elasticsearch/elasticsearch:5.6.13";
case V6_2:
return "docker.elastic.co/elasticsearch/elasticsearch-oss:6.2.4";
case V6_3:
return "docker.elastic.co/elasticsearch/elasticsearch-oss:6.3.2";
case V6_4:
return "docker.elastic.co/elasticsearch/elasticsearch-oss:6.4.2";
return "docker.elastic.co/elasticsearch/elasticsearch-oss:6.4.3";
}
throw new IllegalStateException("No tests for version: " + version.name());
}

9
lib/httpcomponents/BUILD
View File

@ -27,21 +27,16 @@ java_library(
exports = ["@httpcore//jar"],
)
java_library(
name = "httpmime",
data = ["//lib:LICENSE-Apache2.0"],
visibility = ["//visibility:public"],
exports = ["@httpmime//jar"],
)
java_library(
name = "httpasyncclient",
data = ["//lib:LICENSE-Apache2.0"],
visibility = ["//java/com/google/gerrit/elasticsearch:__pkg__"],
exports = ["@httpasyncclient//jar"],
)
java_library(
name = "httpcore-nio",
data = ["//lib:LICENSE-Apache2.0"],
visibility = ["//java/com/google/gerrit/elasticsearch:__pkg__"],
exports = ["@httpcore-nio//jar"],
)